Published On: Tue, Mar 21st, 2017

Over 300 Cisco Products Vulnerable to Critical Security Flaw Found in WikiLeaks’ CIA Dump

Cisco Systems has warned that a critical vulnerability has been detected that could allow an attacker to execute arbitrary code and obtain full control of more than 300 models of Cisco switches and routers. The company said it found the exploit in WikiLeaks’ Vault 7 cache of documents, which revealed details about a trove of exploits used by the US Central Intelligence Agency. WikiLeaks had reportedly forwarded an agreement to tech companies that they have to agree to if they want access to details of the security vulnerabilities that were disclosed in Vault 7.

“A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges,” Cisco warned in an advisory. The company added that it found the vulnerability during an analysis of documents related to the Vault 7 disclosure.

The vulnerability in the Cisco Cluster Management Protocol (CMP) in IOS and IOS XE is present in the default configuration of affected devices and can be exploited over either IPv4 or IPv6. Tracked as CVE-2017-3881, the bug allows a remote attacker to cause affected switches to reload or to execute arbitrary code with elevated privileges and gain full control of the device.

“An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device,” Cisco’s advisory said.

Cisco said there is currently no patch or workaround for this critical vulnerability. The zero-day affects 264 Catalyst switches, along with 51 industrial Ethernet switches and 3 other devices, if they’re running IOS and are configured to accept Telnet connections. Cisco advises disabling Telnet in favor of SSH until a patch for this zero-day is made available. Some of the affected models are no longer supported. For more details, please visit the advisory.

WikiLeaks had said that it carried out thousands of redactions to prevent the release of exploit code; however, it did release some sensitive information, including IP and email addresses of targets. WikiLeaks had earlier said that only Mozilla had contacted them. Apparently, Cisco had also agreed to the terms of the whistleblowing company.

“Fortunately, WikiLeaks’ Vault7 has enabled Cisco’s security team to identify the vulnerability without releasing the exploit code,” WikiLeaks said. “Cisco was the most active of the US manufacturers and the security team initiated contact with WikiLeaks last week.”
